RubyGems - recog - Versions diffs - 2.3.15 → 2.3.20 - Mend

recog 2.3.15 → 2.3.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +26 -0
data/.snyk +10 -0
data/LICENSE +1 -1
data/bin/recog_standardize +8 -2
data/cpe-remap.yaml +314 -170
data/identifiers/README.md +24 -10
data/identifiers/fields.txt +104 -0
data/identifiers/hw_device.txt +5 -4
data/identifiers/hw_family.txt +17 -0
data/identifiers/hw_product.txt +87 -6
data/identifiers/os_architecture.txt +0 -10
data/identifiers/os_device.txt +12 -31
data/identifiers/os_family.txt +2 -94
data/identifiers/os_product.txt +45 -124
data/identifiers/service_family.txt +14 -37
data/identifiers/service_product.txt +283 -88
data/identifiers/vendor.txt +99 -192
data/lib/recog/version.rb +1 -1
data/requirements.txt +1 -1
data/update_cpes.py +110 -49
data/xml/apache_modules.xml +60 -0
data/xml/dns_versionbind.xml +40 -17
data/xml/favicons.xml +163 -20
data/xml/ftp_banners.xml +25 -25
data/xml/hp_pjl_id.xml +1 -1
data/xml/html_title.xml +561 -51
data/xml/http_cookies.xml +266 -61
data/xml/http_servers.xml +472 -96
data/xml/http_wwwauth.xml +53 -26
data/xml/ldap_searchresult.xml +10 -6
data/xml/mdns_device-info_txt.xml +308 -10
data/xml/ntp_banners.xml +15 -1
data/xml/operating_system.xml +1 -0
data/xml/rtsp_servers.xml +7 -0
data/xml/sip_banners.xml +346 -8
data/xml/sip_user_agents.xml +321 -7
data/xml/smb_native_lm.xml +32 -1
data/xml/smb_native_os.xml +158 -33
data/xml/smtp_banners.xml +48 -7
data/xml/smtp_expn.xml +1 -0
data/xml/smtp_help.xml +2 -0
data/xml/smtp_vrfy.xml +3 -1
data/xml/snmp_sysdescr.xml +211 -42
data/xml/ssh_banners.xml +127 -14
data/xml/telnet_banners.xml +44 -14
data/xml/tls_jarm.xml +140 -0
data/xml/x509_issuers.xml +179 -7
data/xml/x509_subjects.xml +252 -35
metadata +6 -5
data/identifiers/software_class.txt +0 -26
data/identifiers/software_family.txt +0 -91
data/identifiers/software_product.txt +0 -333

data/identifiers/README.md CHANGED Viewed

@@ -1,16 +1,27 @@
 # Recog: Identifiers
-This directory contains lists of standard identifiers for mapping Recog matches. The goal is define a standard set of constants to represent known software, hardware, vendors, and categories.
+This directory contains lists of standard identifiers for mapping Recog matches.
+The goal is define a standard set of constants to represent known software,
+hardware, vendors, and categories.
-This is currently incomplete and will be updated as standardization work moves forward.
+This is currently incomplete and will be updated as standardization work moves
+forward.
-Fingerprints should use these identifiers whenever possible; if a different name or syntax for a given identifier is preferred, this should be implemented in the application through a mapping function.
+Fingerprints should use these identifiers whenever possible; if a different name
+or syntax for a given identifier is preferred, this should be implemented in the
+application through a mapping function.
 ## Lists
+### Fields
+`fields.txt` defines the various fields (`os.vendor`, etc.) used to assert
+information about a match.
 ### Vendors
-`vendor.txt` defines known vendor names, covering services, operating systems, and hardware.
+`vendor.txt` defines known vendor names, covering services, operating systems,
+and hardware.
 ### Operating Systems
@@ -22,14 +33,14 @@ Fingerprints should use these identifiers whenever possible; if a different name
 `os_device.txt` defines known types of devices by function or purpose.
 ### Hardware
 `hw_product.txt` defines known hardware product names.
 `hw_family.txt` defines known hardware product families.
-`hw_device.txt` defines known types of devices by function or purpose (overlaps with `os_device.txt`).
+`hw_device.txt` defines known types of devices by function or purpose (overlaps
+with `os_device.txt`).
 ### Services
@@ -47,10 +58,13 @@ Fingerprints should use these identifiers whenever possible; if a different name
 ## Pending Work
-  * All existing fingerprints should be correlated against these lists to identify mismatches and updated accordingly.
+* All existing fingerprints should be correlated against these lists to
+  identify mismatches and updated accordingly.
-  * All net new identifiers from the existing fingerprints should be merged into these lists.
+* All net new identifiers from the existing fingerprints should be merged into
+these lists.
-  * All fingerprint assertions should be enumerated, documented, and standardized where possible (`host.mac`, etc).
+* All fingerprint assertions should be enumerated, documented, and standardized
+where possible (`host.mac`, etc).
-  * Hardware identifiers should be enumerated, consolidated, and standardized.
+* Hardware identifiers should be enumerated, consolidated, and standardized.

data/identifiers/fields.txt ADDED Viewed

@@ -0,0 +1,104 @@
+agilent.serial
+apache.info
+apache.variant
+apache.variant.version
+chromecast.capabilities
+chromecast.generation
+chromecast.serial_number
+cisco.imc_model
+cisco.serial_number
+cookie
+dell.service_tag
+extron.model
+fortinet.serial_number
+host.domain
+host.id
+host.ip
+host.mac
+host.mac_eui64
+host.mac_local
+host.name
+host.time
+hw.certainty
+hw.cpe23
+hw.device
+hw.family
+hw.model
+hw.product
+hw.series
+hw.vendor
+hw.version
+imail.eval
+jetty.info
+junction.cookie
+junction.name
+lenovo.machine_model
+lenovo.machine_type
+linux.kernel.version
+loadbalancer.poolname
+mdaemon.unregistered
+mercur.os.info
+metainfo.version
+metainfo.version.version
+ms.nttp.version
+notes.build.version
+ntmail.id
+openssh.comment
+openssh.cvepatch
+os.arch
+os.build
+os.certainty
+os.cpe23
+os.device
+os.edition
+os.family
+os.model
+os.product
+os.rev
+os.vendor
+os.version
+os.version.version
+os.version.version.version
+postfix.os.info
+postoffice.build
+postoffice.id
+procurve.model
+proftpd.server.name
+pureftpd.config
+python.version
+qpopper.version
+ruckus.serial_number
+securetransport.build
+sendmail.config.version
+sendmail.hpux.phne.version
+sendmail.vendor.version
+service.certainty
+service.component.cpe23
+service.component.family
+service.component.product
+service.component.vendor
+service.component.version
+service.cpe23
+service.device
+service.edition
+service.family
+service.node
+service.product
+service.protocol
+service.vendor
+service.version
+service.version.version
+service.version.version.version
+service.version.version.version.version
+siemens.model
+snmp.fpmib.oid.1
+snmp.fpmib.oid.2
+system.time
+system.time.format
+system.time.micros
+system.time.millis
+tandberg.model
+thttpd.mx-patch
+tomcat.info
+wd2go.device_id
+zmailer.ident

data/identifiers/hw_device.txt CHANGED Viewed

@@ -4,7 +4,7 @@ Access Control
 Alarm Panel
 Appliance
 Audio Encoder
-Broadband router
+Broadband Router
 Building Automation
 Cable Modem
 Check Scanner
@@ -22,6 +22,7 @@ Ethernet Adapter
 Firewall
 HMI Controller
 Handheld Scanner
+Hypervisor
 IP Camera
 IPS
 Industrial Control
@@ -40,11 +41,12 @@ Network Appliance
 Network Audio
 Network Management Device
 PLC
+Power Device
 Power Relay
-Power device
 Powerline
-Print server
+Print Server
 Printer
+Relay Controller
 Router
 SD-WAN Appliance
 SIP Device
@@ -71,7 +73,6 @@ VoIP Switch
 Voice Appliance
 WAP
 WLAN Repeater
-Web cam
 Whiteboard
 Wireless Controller
 Wireless Presenter

data/identifiers/hw_family.txt CHANGED Viewed

@@ -5,16 +5,20 @@ AirPort
 Apple TV
 Communication Manager
 DVR
+Data ONTAP
 DiskStation
 Document Centre
+EDR
 Extended Systems ExtendNet
 FRITZ!Box
+FRITZ!Fon
 FRITZ!Powerline
 FRITZ!WLAN Repeater
 FS
 Firewall-1
 Forms Printer
 FortiGate
+FortiVoice
 GW25
 GXV
 GXW
@@ -36,12 +40,16 @@ Mac mini
 MacBook
 MacBook Pro
 MegaRAC
+MiiNePort
 Multifunction
 My Book
 NE
 NPort
+NetScaler
 NetVanta
+Netscaler
 Network Audio
+Network Security Appliance
 Network Video Door Station
 Optra
 Orbi
@@ -57,8 +65,13 @@ Router
 S500 Range
 SIP Device
 SIP Gateway
+SL2100
 Service Access Switch
 Service Router
+Simatic HMI
+Simatic NET
+Simatic S7
+Simatic Sinumerik
 SoundPoint
 SoundTouch
 SpeedTouch
@@ -73,9 +86,12 @@ TelePresence
 Time Capsule
 TippingPoint
 Turbo Station
+UNIVERGE
 UniFi
 Unified Security Gateway
+VDX
 VSX
+Vigor
 VoIP
 WD2GO
 WiMax
@@ -87,6 +103,7 @@ Xserve
 ZXDSL
 ZXHN
 ZXV
+airMAX
 iLO
 iMac
 iPad

data/identifiers/hw_product.txt CHANGED Viewed

@@ -3,15 +3,18 @@
 34972A Data Logger
 3PAR
 53230A Frequency Counter
+883 VoIP
 ADB-4820CD
 APIC
 AV Receiver
 AVC787
+Access Control
 Access Gateway
 Access Point
 Adaptive Security Appliance
 AirPort Express
 AirPort Extreme
+Alarm Panel
 AppDynamics
 Apple TV (2nd generation)
 Apple TV (3rd generation)
@@ -33,27 +36,38 @@ Catalyst
 Catalyst 1900
 Celerra
 Chromecast
+ClearPass Policy Manager
 ClickShare
 CloudKey
 CommandPost
 ConnectUPS Web Card
 Crosswork SON Appliance
+D Series
+DCS-825L
+DCS-932
 DD OS
 DNA Center
 DSL Router
+Data ONTAP
 Digital Signage Player
 Discover
 Discovery
 Document Centre
 DuraFon
 ECOM100
+EDR-G902
+EDR-G903
+EM7
 EP-series
 EXA Signal Analyzer
 Eagle Eye Director II
 EchoLife Home Gateway
+EdgeRouter X
 EdgeSwitch
 Elevation
+Email Security Gateway
 EqualLogic
+Ethernet Relay Controller
 Ethernet Relay Module
 Excella
 Fastmark M5
@@ -64,15 +78,26 @@ Firewall-1
 FlexiPacket Hub
 FortiMail
 FortiManager
+GXP1610
+GXP1615
+GXP1625
+GXP1628
+GXP2200
 GigaVUE
 HDHomeRun
 HDIPCam
-HDX {hw.model}
+HT801
+HT802
+HT812
+HT813
+HT814
+HT818
 HiPer Access Router Card
 Home Controller
 Home Gateway
 HomePod
 Hue
+HyperFlex Connect
 IA Appliance
 IAM
 IBHLink S7++
@@ -83,6 +108,7 @@ IP Link Control Processor
 IP2IR
 IPMI
 IVR
+Infinity Controler
 IntelliSlot Web Card
 Internet Payment Gateway
 Internet Phone Adapter
@@ -94,6 +120,7 @@ JetDirect
 K1000
 KWS-1043N
 Key Management
+Key Management Server
 Lantick Ethernet Relay Controller
 Lencore Sound Manager 2
 MDS 9000
@@ -109,6 +136,7 @@ Mac mini (Late 2009)
 Mac mini (Late 2012)
 Mac mini (Late 2014)
 Mac mini (Late 2018)
+Mac mini (M1, 2020)
 Mac mini (Mid 2007)
 Mac mini (Mid 2010)
 Mac mini (Mid 2011)
@@ -126,16 +154,20 @@ MacBook Air (13-inch, Early 2014)
 MacBook Air (13-inch, Late 2010)
 MacBook Air (13-inch, Mid 2011)
 MacBook Air (13-inch, Mid 2012)
+MacBook Air (M1, 2020)
 MacBook Air (Mid 2009)
 MacBook Air (Retina, 13-inch, 2018)
 MacBook Air (Retina, 13-inch, 2019)
+MacBook Air (Retina, 13-inch, 2020)
 MacBook Pro (13-inch, 2016, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2016, Two Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2017, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)
 MacBook Pro (13-inch, 2019, Two Thunderbolt 3 ports)
+MacBook Pro (13-inch, 2020)
 MacBook Pro (13-inch, Late 2011)
+MacBook Pro (13-inch, M1, 2020)
 MacBook Pro (13-inch, Mid 2009)
 MacBook Pro (13-inch, Mid 2010)
 MacBook Pro (13-inch, Mid 2012)
@@ -147,6 +179,8 @@ MacBook Pro (15-inch, Late 2008)
 MacBook Pro (15-inch, Late 2011)
 MacBook Pro (15-inch, Mid 2009)
 MacBook Pro (15-inch, Mid 2010)
+MacBook Pro (15-inch, Mid 2012)
+MacBook Pro (16-inch, 2019)
 MacBook Pro (17-inch, Early 2008)
 MacBook Pro (17-inch, Late 2011)
 MacBook Pro (17-inch, Mid 2009)
@@ -158,29 +192,43 @@ MacBook Pro (Retina, 15-inch, Early 2013)
 MacBook Pro (Retina, 15-inch, Late 2013)
 MacBook Pro (Retina, 15-inch, Mid 2015)
 Makito X Decoder
+Media Gateway
 MediaLink Controller
 MediaSense
 Meeting Management
+Meeting Server
 MegaRAC
+Meraki Device
 Mercury
 Mergepoint
 Miniserver
 My Book Live
 N5172B Signal Generator
+NAM
+NAS4Free
 NFVIS
 NPort
+NetScaler Gateway
+NetScaler SDX Gateway
 NetScreen
 NetVR
 Netbox
+Netscaler Gateway
+Network Camera
 Network Gateway
 Network Node
+Network Security Appliance
+Nexus 1000V
 Nexus Player
+OfficeConnect Switch
 OnHub
 OpenManage
 OpenManage Switch
 OpenNAC
+Orbi micro
 Orbit IP Camera
 PDR M800
+PIAF Virtual Appliance
 PLAY
 PLC-5
 Paragon-100G
@@ -191,23 +239,29 @@ Prime Collaboration Manager
 Primergy
 Printer
 Prosafe Plus
+R Series
+RT31P2
 RTU
 Rack PDU Card
 Raspberry Pi
 ReadyNAS
-RealPresence Group {hw.model}
-RealPresence Trio {hw.model}
 RecoverPoint
 ReeCam
 Roku
-Room Alert {hw.product.model}
+Room Alert
 S7 DALI Gateway
+SD-WAN
 SHIELD
 SIP Gateway
 SIParator Firewall
+SL2100
 SLS
 SPA
+SPA112
+SPA122
 SRP
+SV8100
+SV9100
 ScanFront
 Scrutinizer
 Sensor
@@ -222,27 +276,37 @@ SolsticePod
 SoundPoint
 Spot
 Stealthwatch
+Steelhead
 Storage Appliance
 Sub
+Sunny WebBox
 SuperStack 3
 SuperStack 3 Firewall
 SuperStack II
 Symmetry EN-2DBC
 System Management
+TG789vac
 TelePresence
 TelePresence MCU
-TemPageR {hw.product.model}
 Tenable Appliance
 Tenable Core
-Thermal Label Printer {hw.model}
+Tetration
 Time Capsule
 TouchLink Control Panel
+UCM6202
+UCM6204
+UCM6208
 UCS Manager
+USG20-VPN
+USG40
+USG60
 UniFi Cloud Key
 UniFi NVR
 UniFi Security Gateway
+Univerge
 Universal Media Gateway
 VBrick Rev
+VPN Gateway
 Verizon FiOS Router
 Video Controller
 Vigor
@@ -250,12 +314,14 @@ Virtual Connect Manager
 Virtual Traffic Manager
 Vood
 WLAN AP
+WNR2000
 WebBox
 Whiteboard
 Wireless Dock
 Wireless LAN Controller
 Wireless Router
 XCC
+Xfinity Broadband Router
 Xserve (Early 2008)
 Xserve (Early 2009)
 Xserve (Late 2006)
@@ -268,6 +334,9 @@ e-STUDIO
 iCOM Control Panel
 iDRAC
 iLO
+iLO 3
+iLO 4
+iMac (20/24-inch, Early 2008)
 iMac (21.5-inch, 2017)
 iMac (21.5-inch, Late 2012)
 iMac (21.5-inch, Late 2013)
@@ -286,6 +355,7 @@ iMac (Retina 4K, 21.5-inch, 2019)
 iMac (Retina 4K, 21.5-inch, Late 2015)
 iMac (Retina 5K, 27-inch, 2017)
 iMac (Retina 5K, 27-inch, 2019)
+iMac (Retina 5K, 27-inch, 2020)
 iMac (Retina 5K, 27-inch, Late 2015)
 iMac (Retina 5K, 27-inch, Mid 2015)
 iMac Pro (Retina 5K, Late 2017)
@@ -297,7 +367,11 @@ iPad Air (3rd generation)
 iPad Air 2
 iPad Pro (10.5-inch)
 iPad Pro (11-inch)
+iPad Pro (11-inch, 2nd generation)
 iPad Pro (12.9-inch)
+iPad Pro (12.9-inch, 2nd generation)
+iPad Pro (12.9-inch, 3rd generation)
+iPad Pro (12.9-inch, 4th generation)
 iPad Pro (9.7-inch)
 iPad mini
 iPad mini (5th generation)
@@ -305,6 +379,12 @@ iPad mini 2
 iPad mini 3
 iPad mini 4
 iPhone
+iPhone 11 Pro
+iPhone 11 Pro Max
+iPhone 12 5G
+iPhone 12 Mini 5G
+iPhone 12 Pro 5G
+iPhone 12 Pro Max 5G
 iPhone 3G
 iPhone 3GS
 iPhone 4
@@ -321,6 +401,7 @@ iPhone 7 Plus
 iPhone 8
 iPhone 8 Plus
 iPhone SE
+iPhone SE (2020)
 iPhone X
 iPhone XR
 iPhone XS